Merge remote-tracking branch 'origin/test'

@@ -488,6 +488,7 @@ func setChanceAutoPass(header *protocol.RequestHeader, chance *models.Chance, or
 	chance.ApproveData = common.AssertJson(approveData)
 	chance.ApproveTime = time.Now()
 	chance.ReviewStatus = protocol.ReviewStatusPass
+	chance.PublishStatus = protocol.PublicToCompany
 	msgData := protocol.MsgData{Score: &approveData.Score}
 	//发送给机会提交人
 	if err = agg.SendApproveMsgByFormat(header, chance.UserId, chance.Id, fmt.Sprintf(agg.MessageApproveAutoPass, chanceType.Name), msgData); err != nil {
@@ -555,11 +556,6 @@ func ChanceUpdate(header *protocol.RequestHeader, request *protocol.ChanceUpdate
 	//编辑重新发布 是否可以重新发布
 	if request.IsPublish && chance.ReviewStatus == protocol.ReviewStatusReturn && chance.UserId == header.UserId {
 		request.IsPublish = false
-		//当前没有被人审核过
-		//if _, e := models.GetAuditFlowProcessApproved(request.Id, 1); e == orm.ErrNoRows && chance.AuditLevel == 1 {
-		//	//当前状态是退回-待处理
-		//
-		//}
 		if _, e := models.GetAuditFlowProcessByReview(request.Id, 0, protocol.ReviewStatusWait); e == nil {
 			request.IsPublish = true
 			if request.RelatedDepartment > 0 {
@@ -573,12 +569,6 @@ func ChanceUpdate(header *protocol.RequestHeader, request *protocol.ChanceUpdate
 		request.IsPublish = false
 		log.Info(fmt.Sprintf("机会编辑 is_publish:%v chance.review_status:%v 是否是本人:%v", request.IsPublish, chance.ReviewStatus, chance.UserId == header.UserId))
 	}
-	//1.需要验证角色权限 2是否是审核人 3.是否是本人
-	//if chance.ReviewStatus != protocol.ReviewStatusPass && chance.UserId != header.UserId { //chance.UserId != header.UserId
-	//	err = protocol.NewErrWithMessage(5206)
-	//	log.Error(fmt.Sprintf("user:%v 无权限操作机会 chance:%v", header.UserId, chance.Id))
-	//	return
-	//}
 	//1.模板是否存在
 	if template, err = models.GetAuditTemplateById(chance.AuditTemplateId); err != nil {
 		log.Error("模板不存在：", chance.AuditTemplateId, err)
@@ -631,14 +621,13 @@ func ChanceUpdate(header *protocol.RequestHeader, request *protocol.ChanceUpdate
 			}
 			//4.查询审核配置
 			//5.生成审核流
-			if auditFlows, err = GenAuditFlowProcess(header, chance.Id, chance.DepartmentId, template.Id, auditConfig); err != nil {
+			if auditFlows, err = GenAuditFlowProcess(header, chance.Id, request.RelatedDepartment, template.Id, auditConfig); err != nil {
 				log.Error(err)
 				orm.Rollback()
 				return
 			}
 			for i := 0; i < len(auditFlows); i++ {
 				auditFlows[i].ApproveMessage = fmt.Sprintf(protocol.MessageApproving, chanceType.Name)
-				//auditFlows[i].TemplateId = int(template.Id)
 				if _, err = orm.Insert(auditFlows[i]); err != nil {
 					log.Error(err)
 					orm.Rollback()
@@ -692,14 +681,14 @@ func ChanceUpdate(header *protocol.RequestHeader, request *protocol.ChanceUpdate
 					updateMap["ExtraScore"] = chance.ExtraScore
 					updateMap["ValueScore"] = chance.ValueScore
 					updateMap["DiscoveryScore"] = chance.DiscoveryScore
-					updateMap["PublishStatus"] = chance.PublishStatus
 				}
 			}
 		}
 	}
 
 	{
-		if request.IsPublish {
+		//机会发布 并且当前机会不是已经通过的，机会状态审核中（存在更新时自动通过）
+		if request.IsPublish && chance.ReviewStatus != protocol.ReviewStatusPass {
 			updateMap["ReviewStatus"] = int8(protocol.ReviewStatusAuditging)
 		}
 		updateMap["AuditTemplateConfig"] = common.AssertJson(auditConfig)
@@ -2010,7 +1999,7 @@ func Permission(header *protocol.RequestHeader, request *protocol.PermissionRequ
 	if user.Id == header.UserId {
 		rsp.Check = 4
 		allPermission()
-		return
+		//return
 	}
 	//判断机会权限
 	if request.ChanceId > 0 {
@@ -2018,6 +2007,14 @@ func Permission(header *protocol.RequestHeader, request *protocol.PermissionRequ
 			err = protocol.NewErrWithMessage(5101)
 			return
 		}
+		//公司管理员权限二次判断
+		if user.Id == header.UserId {
+			//退回 即使是管理员也是没有权限
+			if chance.UserId != header.UserId && chance.ReviewStatus == protocol.ReviewStatusReturn {
+				noPermission()
+			}
+			return
+		}
 		//机会关闭 / 删除
 		if chance.Status == models.ChanceStatusClose || chance.EnableStatus == 0 {
 			noPermission()